HackerTrans
トップ新着トレンドコメント過去質問紹介求人

sixtiethutopia

no profile record

コメント

sixtiethutopia
·2 か月前·議論
That's not what security through obscurity means. Security through obscurity has a specific meaning, it doesn't just mean to gain security by hiding anything it means to attempt to gain security by hiding how a system works.

ASLR is a well understood system that exploit writers know to expect and thus ASLR is not security through obscurity.
sixtiethutopia
·昨年·議論
It's email-compatible and uses pgp for encryption. No forward secrecy and supports sending unencrypted messages as well for people who don't have pgp.

No forward secrecy and will automatically switch to unencrypted messages if you receive an unencrypted message from a contact.

I wonder if it's vulnerable to downgrade attacks from adversaries falsifying the sending address. If an adversary sends an unencrypted email imitating a contact will delta chat reject it or will it silently switch the chat with that contact over to unencrypted email?